Monday, July 24, 2017

A year ago, today ...

In the last years of the Cold War (1984) the Red Dawn movie was released in the USA. The film was directed by John Millius and featuring stars of the time such as Patrick Swayze or Charlie Sheen, and it was a propagandist delirium in a war film format that served the US citizens as a self-indulgent excuse. But it started with a never seen before premise: the Russian Army, together with the Cuban an Nicaragua armies were able to invade the freedom country, defeating its armed forces.

This maneuver was later dismantled by a group of "heroic" and patriotic US kids. Nevertheless, this beginning was almost unthinkable, even more in the period we are talking about. Today we remember in our retrospective how one year ago Russians were able to beat the USA, althougt it was in the cybernetic world.

One year ago the famous US Democratic Party hacking took place. Considering that we were in the middle of a electoral campaign, most of the media pointed this attack was orchestrated by Trump to undermine the popularity of Hillary Clinton, his rival´s on the race for the US presidency. Nevertheless, two totems such as Dreck Burney and Fen Oslerpointed to another direction, we are talking about Russia.
And if this were not worrying enough, the Russian victory over the Americans was even more obvious when we knew that the attack to the party could have been even more serious than we thought at the first moment. Not only the attackers would have exposed compromised data from the democrats, but they got a database with information about all the opposition too.

We use to say that the Americans tend to sin of being very arrogant; if its truth or not we leave it to our readers discretion... but whats is clear that this sin, in cybersecurity matters, could be deadly (for your data), For example, did you think that by having a password manager your data were going to be safer? Don´t be so sure, because inf the software has big vulnerabilities, you are handing your credential over to the cybercriminals on a silver platter. This was what happened one year ago, with the well known LastPass.They discovered a 0Day that endangered the password of millions of users. Luckily the fixed the problem very quickly.

Another security measure that makes us feel confident to is the double authentication factor, doesn´t it? But the US standards laboratory doesn´t like this system... On the Digital Authentication Guideline released one year ago, they exposed that the SMS double authentication was outdated and we needed to look for new protection measures against cybercriminals- And we are talking about 2016...

Past mistakes offer us wisdom in the future. In cybersecurity, arrogance and prepotency could b our worst enemies. That´s why we must be aware that there is not always going to be a rescue team ready to save us when we are in a bind. This is not an American movie and there is not going to appear a hero to fix everything. So, we have to get energized, get informed and protect ourselves.